Just a FYI so you keep it in mind....
In the next release of Debian, currently testing, logrotate will require the use of 'su' to by-pass ownership.
---
error: skipping "/var/log/mailman/error" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
---
That is what you will get if you don't use 'su'
To fix you need to add 'su owner group' to the lines
/var/log/mailman/vette /var/log/mailman/error /var/log/mailman/bounce {
su list list
daily
missingok
create 0664 list list
rotate 3
compress
sharedscripts
postrotate
[ -f '/var/run/mailman/mailman.pid' ] && /usr/lib/mailman/bin/mailmanctl -q reopen || exit 0
endscript
}
Comments
Submitted by JamieCameron on Thu, 05/09/2013 - 15:57 Comment #1
That logrotate config file isn't supplied by Virtualmin though - I assume it is part of the mailman package.
So this seems more like a Debian bug?
Submitted by sgrayban on Thu, 05/09/2013 - 16:07 Comment #2
It's a distro wide security issue -- read the RH bug report.
Correct the logrotate file for mailman is supplied by the package however current installs of that file are not updated when this patched version of logrotate is installed. That means users will get a error like the one I posted and until you dig into it you don't realize you just need to add that 'su' line.
This was just a FYI for any future reports that probably will be posted here.
Submitted by JamieCameron on Thu, 05/09/2013 - 23:30 Comment #3
Ok, thanks - we'll keep this in mind as we work on Debian 7 support.